update coturn to help it launch on startup

2023-06-19 14:25:50 -07:00 · 2023-06-19 14:25:50 -07:00 · 7ed68722b5
commit 7ed68722b5
parent e18c7d1c83
1 changed files with 43 additions and 15 deletions
--- a/modules/coturn.nix
+++ b/modules/coturn.nix
@ -2,22 +2,50 @@
 let
 	personalization = import ./personalization.nix;
 	in
 {
-		services.coturn = {
+
-		enable = true;
+	systemd.services.sslcoturn = {
-		use-auth-secret = true;
+	  
-		static-auth-secret = "${personalization.age.secrets.turn.file}";
+	  script = ''
-		realm = personalization.matrix_url;
+	   
-		cert = "/var/lib/coturn/${personalization.matrix_url}.crt.pem";
+	   systemctl restart coturn   
-		pkey = "/var/lib/coturn/${personalization.matrix_url}.key.pem";
+	   
-		min-port = 49152;
+	  '';
-		max-port = 65535;
+
-		no-cli = true;
+	  unitConfig = {
-		#listening-ips = [ "127.0.0.1" ];
+	  	Type = "simple";
-		extraConfig = ''
+	    After = "NetworkManager.service";
-			verbose
+	    Requires = "network-online.target";
-			external-ip=${personalization.external_ip_secret}
+	  };
-		'';
+	   
 	  serviceConfig = {
 	    emainAfterExit = "yes";
 	     Type = "oneshot";
 	  };
 	  wantedBy = [ "multi-user.target" ];
 	};
 	services.coturn = {
 	enable = true;
 	use-auth-secret = true;
 	static-auth-secret = "${personalization.age.secrets.turn.file}";
 	realm = personalization.matrix_url;
 	cert = "/var/lib/coturn/${personalization.matrix_url}.crt.pem";
 	pkey = "/var/lib/coturn/${personalization.matrix_url}.key.pem";
 	min-port = 49152;
 	max-port = 65535;
 	no-cli = true;
 	extraConfig = ''
 		verbose
 		external-ip=${personalization.external_ip_secret}
 	'';
 	};
 }